AI/dify
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/langgenius/dify.git synced 2025-08-12 20:39:01 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: modify app name & icon raise 401 (#759)

Browse Source
This commit is contained in:
takatost 2023-08-06 16:11:04 +08:00 committed by GitHub
parent 51554361fc
commit 95689ec451
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
api/controllers/console/app/app.py
View File

@ -297,19 +297,13 @@ class AppNameApi(Resource):
@account_initialization_required @account_initialization_required
@marshal_with(app_detail_fields) @marshal_with(app_detail_fields)
def post(self, app_id): def post(self, app_id):
app_id = str(app_id)
# The role of the current user in the ta table must be admin or owner app = _get_app(app_id, current_user.current_tenant_id)
if current_user.current_tenant.current_role not in ['admin', 'owner']:
raise Forbidden()
parser = reqparse.RequestParser() parser = reqparse.RequestParser()
parser.add_argument('name', type=str, required=True, location='json') parser.add_argument('name', type=str, required=True, location='json')
args = parser.parse_args() args = parser.parse_args()
app = db.get_or_404(App, str(app_id))
if app.tenant_id != flask.session.get('tenant_id'):
raise Unauthorized()
app.name = args.get('name') app.name = args.get('name')
app.updated_at = datetime.utcnow() app.updated_at = datetime.utcnow()
db.session.commit() db.session.commit()
@ -322,20 +316,14 @@ class AppIconApi(Resource):
@account_initialization_required @account_initialization_required
@marshal_with(app_detail_fields) @marshal_with(app_detail_fields)
def post(self, app_id): def post(self, app_id):
app_id = str(app_id)
# The role of the current user in the ta table must be admin or owner app = _get_app(app_id, current_user.current_tenant_id)
if current_user.current_tenant.current_role not in ['admin', 'owner']:
raise Forbidden()
parser = reqparse.RequestParser() parser = reqparse.RequestParser()
parser.add_argument('icon', type=str, location='json') parser.add_argument('icon', type=str, location='json')
parser.add_argument('icon_background', type=str, location='json') parser.add_argument('icon_background', type=str, location='json')
args = parser.parse_args() args = parser.parse_args()
app = db.get_or_404(App, str(app_id))
if app.tenant_id != flask.session.get('tenant_id'):
raise Unauthorized()
app.icon = args.get('icon') app.icon = args.get('icon')
app.icon_background = args.get('icon_background') app.icon_background = args.get('icon_background')
app.updated_at = datetime.utcnow() app.updated_at = datetime.utcnow()